Trojaner, Windows 7 x64, OTL-Logs im Anhang

djhawk · 16.06.2013, 22:56

Hallo zusammen,
seit einigen Tagen startet mein Rechner nicht mehr, wenn ich auf den Startknopf drücke. Erst nach x-Versuchen geht es dann. Außerdem zeigt es bei mir immer wieder wenn ich ein Programm öffne bei einer .dll-Datei, dass ich ein "Ungültiges Bild" habe.

Ich habe euch die Logs angehängt, und hoffe, ihr könnt mir helfen.

schrauber · 17.06.2013, 04:43

Hi,

bitte mal noch FRST scannen lassen, Logs bitte in Codetags posten:

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Scan.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

djhawk · 17.06.2013, 23:54

Hi Schrauber,
erstmal vielen Dank für deine Antwort.
Anbei die gewünschten .txt-Dateien.
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-06-2013 01
Ran by *** (administrator) on 18-06-2013 00:47:42
Running from C:\Users\***\Downloads
Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Spigot, Inc.) C:\Program Files\Application Updater\ApplicationUpdater.exe
() C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
() C:\Program Files\ICQ6Toolbar\ICQ Service.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
() C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Babylon Ltd.) C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Spigot, Inc.) C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2221352 2008-06-08] (Nero AG)
HKLM\...\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I [286720 2010-11-07] (Babylon Ltd.)
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1646216 2013-01-24] (Ask)
HKLM\...\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe" [235072 2013-04-11] (Visicom Media Inc.)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray [32032 2012-11-14] (Panda Security, S.L.)
HKLM\...\Run: []  [x]
HKLM\...\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" [1302336 2013-06-07] (Spigot, Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_0D16280C7457634F83927439AFA2D33C] "C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-05-23] (Google Inc.)
HKCU\...\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [491840 2013-01-15] (IObit)
HKCU\...\Run: [DriverScanner] "C:\PROGRA~1\Uniblue\DRIVER~1\launcher.exe" delay 20000  [338848 2012-07-10] (Uniblue Systems Limited)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediBar.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
URLSearchHook: Koyote Soft Toolbar - {1E864EAC-892F-4A60-8C17-63123FD5731C} - C:\Program Files\Koyote Soft Toolbar\IE\7.2\koyotesoftToolbarIE.dll (Spigot, Inc.)
URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
HKCU SearchScopes: DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6OyC7XyTDj&i=26
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b8f5de950000000000000050ba7f64e1&tlver=1.4.19.19&affID=17160
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=244506&p={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {96282D84-2716-4F6F-A1E7-FDBDD8AB066B} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6OyC7XyTDj&i=26
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -  No File
BHO: Koyote Soft Toolbar - {1E864EAC-892F-4A60-8C17-63123FD5731C} - C:\Program Files\Koyote Soft Toolbar\IE\7.2\koyotesoftToolbarIE.dll (Spigot, Inc.)
BHO: CescrtHlpr Object - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: ADDICT-THING Class - {A7410BB6-0DEB-13F6-F043-39547022081D} - C:\ProgramData\ADDICT-THING\bhoclass.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
Toolbar: HKLM - Koyote Soft Toolbar - {1E864EAC-892F-4A60-8C17-63123FD5731C} - C:\Program Files\Koyote Soft Toolbar\IE\7.2\koyotesoftToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU -Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} hxxp://vexcast.com/download/vexcast.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default
FF SearchEngine: Google
FF Homepage: hxxp://www1.delta-search.com/?affID=121562&babsrc=HP_ss&mntrId=B8F50019DB4C0772
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: ADDICT-THING - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\4fb45f275ff30@4fb45f275ff69.info
FF Extension: Babylon - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\ffxtlbr@babylon.com
FF Extension: Delta Toolbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\ffxtlbr@delta.com
FF Extension: incredibar.com - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\ffxtlbr@incredibar.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\toolbar@ask.com
FF Extension: vShare Plugin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\vshare@toolbar
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Panda Security Toolbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
FF Extension: DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: koyotesoft - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\koyotesoft@mybrowserbar.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\emhx04ra.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

Chrome: 
=======
CHR HomePage: hxxp://mystart.incredibar.com/mb139?a=6OyC7XyTDj&i=26
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\J\u00F6rn\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\J\u00F6rn\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\J\u00F6rn\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\J\u00F6rn\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Web Assistant) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.440_0
CHR Extension: (ADDICT-THING) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaoikffbimdhgpbnaldmmeefgjfpmdhb\1.0_0
CHR Extension: (RealDownloader) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0
CHR Extension: (Gmail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [465216 2013-01-15] (IObit)
R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [806776 2013-06-07] (Spigot, Inc.)
R2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [3085264 2013-06-03] ()
R2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247608 2010-11-21] ()
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140064 2012-11-12] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe [36640 2012-11-14] (Panda Security, S.L.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)
S2 vvdsvc; C:\Windows\system32\nagasoft\vjocx.dll [1695368 2009-09-24] (NanJing Nagasoft Co, LTD.)
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [185856 2012-05-08] ()

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 HCWBT8xx; C:\Windows\System32\drivers\HCWBT8XX.sys [472644 2006-01-25] (Hauppauge Computer Works)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [119208 2012-11-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [139176 2012-11-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [163112 2012-11-09] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [29224 2012-10-22] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [133544 2012-11-09] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [74792 2012-11-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125480 2012-11-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [370216 2012-11-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [191528 2012-11-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [128040 2012-11-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [276520 2012-11-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [133928 2012-11-09] (Panda Security, S.L.)
R0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [36736 2012-10-19] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [149544 2012-11-09] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [104488 2012-11-09] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [174632 2012-11-09] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [114216 2012-11-09] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [123944 2012-11-09] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [46672 2012-11-07] (Panda Security, S.L.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 USB100; C:\Windows\System32\DRIVERS\USB100.sys [25821 2001-06-20] (ELECOM)
R0 videX32; C:\Windows\System32\DRIVERS\videX32.sys [13976 2000-01-01] (VIA Technologies, Inc.)
R0 xfilt; C:\Windows\System32\DRIVERS\xfilt.sys [23192 2000-01-01] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-18 00:47 - 2013-06-18 00:47 - 00000000 ____D C:\FRST
2013-06-18 00:46 - 2013-06-18 00:46 - 01365333 ____A (Farbar) C:\Users\***\Downloads\FRST.exe
2013-06-18 00:03 - 2012-10-19 12:47 - 00036736 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\PsBoot.sys
2013-06-16 23:55 - 2013-06-16 23:55 - 00024055 ____A C:\Users\***\Downloads\OTL.rar
2013-06-16 23:29 - 2013-06-16 23:52 - 00056378 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-16 23:27 - 2013-06-16 23:53 - 00128354 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-16 23:17 - 2013-06-16 23:17 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-16 23:11 - 2013-06-16 23:11 - 00162120 ____A () C:\Users\***\Downloads\7ZipSetup.exe
2013-06-16 19:28 - 2013-06-16 19:28 - 00000000 ____D C:\Program Files\Koyote Soft Toolbar
2013-06-16 19:28 - 2013-06-16 19:28 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-06-16 19:28 - 2013-06-16 19:28 - 00000000 ____D C:\Program Files\Application Updater
2013-06-14 00:07 - 2013-06-14 00:07 - 00001870 ____A C:\Windows\PFRO.log
2013-06-13 23:50 - 2013-06-18 00:03 - 00000392 ____A C:\Windows\setupact.log
2013-06-13 23:50 - 2013-06-13 23:50 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 19:10 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 19:09 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 19:08 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 19:08 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 19:08 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 19:08 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 19:08 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 19:06 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-12 19:06 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-12 19:05 - 2013-05-16 20:21 - 01231872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 19:05 - 2013-05-16 20:21 - 00981504 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 19:05 - 2013-05-16 20:21 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 19:05 - 2013-05-16 20:18 - 06034432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 19:05 - 2013-05-16 20:18 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 19:05 - 2013-05-16 20:18 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 19:05 - 2013-05-16 20:17 - 11020800 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 19:05 - 2013-05-16 20:17 - 02078208 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 19:05 - 2013-05-16 20:17 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 19:05 - 2013-05-16 20:17 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 19:05 - 2013-05-16 18:44 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 19:05 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-26 22:41 - 2012-11-07 10:00 - 00046672 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\PSKMAD.sys
2013-05-25 18:13 - 2013-04-10 05:14 - 02347520 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-19 23:42 - 2013-03-19 06:53 - 00186368 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-19 23:42 - 2013-03-19 05:33 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-19 23:40 - 2013-04-10 07:18 - 00728424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-19 23:40 - 2013-04-10 07:18 - 00218984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-19 23:40 - 2013-02-27 07:05 - 00101720 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-19 23:40 - 2013-02-27 06:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-19 23:40 - 2013-02-27 06:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-19 23:40 - 2013-02-27 06:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-19 23:40 - 2013-02-27 06:49 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll

==================== One Month Modified Files and Folders ========

2013-06-18 00:47 - 2013-06-18 00:47 - 00000000 ____D C:\FRST
2013-06-18 00:46 - 2013-06-18 00:46 - 01365333 ____A (Farbar) C:\Users\***\Downloads\FRST.exe
2013-06-18 00:22 - 2012-04-22 20:41 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 00:10 - 2009-07-14 06:34 - 00026176 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-18 00:10 - 2009-07-14 06:34 - 00026176 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-18 00:04 - 2012-02-16 00:51 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-06-18 00:03 - 2013-06-13 23:50 - 00000392 ____A C:\Windows\setupact.log
2013-06-18 00:03 - 2013-04-17 19:20 - 00000326 ____A C:\Windows\Tasks\DriverScanner.job
2013-06-18 00:03 - 2010-06-02 17:57 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1253650660-3201171741-2812089110-1000UA.job
2013-06-18 00:03 - 2010-06-02 17:57 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1253650660-3201171741-2812089110-1000Core.job
2013-06-18 00:03 - 2010-04-24 00:10 - 00000000 ___RD C:\Users\***\Documents\My Dropbox
2013-06-18 00:03 - 2010-04-24 00:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2013-06-18 00:03 - 2009-07-14 06:53 - 00000378 ____N C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-18 00:03 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-16 23:57 - 2010-03-01 21:01 - 02030521 ____A C:\Windows\WindowsUpdate.log
2013-06-16 23:55 - 2013-06-16 23:55 - 00024055 ____A C:\Users\***\Downloads\OTL.rar
2013-06-16 23:53 - 2013-06-16 23:27 - 00128354 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-16 23:52 - 2013-06-16 23:29 - 00056378 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-16 23:17 - 2013-06-16 23:17 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-16 23:11 - 2013-06-16 23:11 - 00162120 ____A () C:\Users\***\Downloads\7ZipSetup.exe
2013-06-16 22:54 - 2012-05-17 13:11 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-16 22:37 - 2010-03-02 00:01 - 00000000 ____D C:\Users\***\AppData\Roaming\UseNeXT
2013-06-16 22:36 - 2010-03-02 00:01 - 00000000 ____D C:\Users\***\Documents\UseNeXT
2013-06-16 19:59 - 2010-03-01 23:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-16 19:28 - 2013-06-16 19:28 - 00000000 ____D C:\Program Files\Koyote Soft Toolbar
2013-06-16 19:28 - 2013-06-16 19:28 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-06-16 19:28 - 2013-06-16 19:28 - 00000000 ____D C:\Program Files\Application Updater
2013-06-14 00:07 - 2013-06-14 00:07 - 00001870 ____A C:\Windows\PFRO.log
2013-06-14 00:07 - 2013-04-17 19:23 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-14 00:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-13 23:58 - 2010-03-05 02:19 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 23:53 - 2012-04-22 20:41 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 23:53 - 2011-07-12 22:56 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-13 23:50 - 2013-06-13 23:50 - 00000000 ____A C:\Windows\setuperr.log
2013-05-29 00:07 - 2010-03-02 00:03 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-05-28 20:32 - 2011-09-08 12:54 - 00000000 ____D C:\Users\***\dwhelper
2013-05-26 23:45 - 2010-03-27 16:24 - 00000000 ____D C:\Users\***\AppData\Roaming\ICQ
2013-05-26 23:15 - 2009-07-14 06:33 - 03833952 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-26 23:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-25 18:15 - 2010-03-01 23:22 - 01519798 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-25 18:14 - 2010-03-02 02:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-25 17:32 - 2010-06-02 17:58 - 00002325 ____A C:\Users\***\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-16 20:45

==================== End Of Log ============================

--- --- ---
FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-06-2013 01
Ran by *** at 2013-06-18 00:49:31 Run:
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

ABBYY FineReader 5.0 Sprint (Version: 5.0.482.3421)
ADDICT-THING (Version: )
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color EU Recommended Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Extra Settings CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Fonts All (Version: 2.0)
Adobe Help Manager (Version: 4.0.244)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe InDesign CS6 (Version: 8.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Reader 9.5.1 - Deutsch (Version: 9.5.1)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Adobe SING CS4 (Version: 2.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Advanced SystemCare 6 (Version: 6.1)
Advertising Center (Version: 0.0.0.2)
AIDA32 v3.93
Any Video Converter 3.2.7
Ashampoo Burning Studio 2010 (Version: 9.21)
Ask Toolbar (Version: 1.15.15.0)
Babylon toolbar
BrowserProtect
Color LaserJet 2600n
Connect (Version: 1.0.0.1)
Cool Edit Pro 2.0
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Delta toolbar   (Version: 1.8.16.16)
Dropbox (Version: 2.0.22)
FoxTab Audio Converter
Free FLV Converter V 7.1.0 (Version: 7.1.0.0)
Free Studio version 2013 (Version: 6.1.0.320)
Google Chrome (Version: 27.0.1453.94)
ICQ Toolbar (Version: 3.0.0)
ICQ7.5 (Version: 7.5)
ImagXpress (Version: 7.0.74.0)
Incredibar Toolbar  on IE
IObit Malware Fighter (Version: 1.0)
IrfanView (remove only) (Version: 4.27)
Java(TM) 6 Update 37 (Version: 6.0.370)
Koyote Soft Toolbar v7.2 (Version: 7.2)
kuler (Version: 2.0)
Lexmark X1100 Series
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 Essentials (Version: 8.3.382)
Nero 9 Essentials
Nero 9 Lite
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.31.100)
Nero Toolbar Updater (Version: 1.2.4.35882)
neroxml (Version: 1.0.0)
Norton Security Scan (Version: 3.7.2.5)
NVIDIA PhysX (Version: 9.09.0814)
OpenAL
OpenOffice.org 3.2 (Version: 3.2.9483)
Panda Cloud Antivirus (Version: 2.1.0)
Panda Cloud Antivirus (Version: 5.00.00.0000)
Panda Security Toolbar (Version: 4.0.0.12)
Panda Security URL Filtering (Version: 2.0.0.14)
PDF Settings CS4 (Version: 9.0)
PDF Settings CS6 (Version: 11.0)
Photoshop Camera Raw (Version: 5.0)
Platform (Version: 1.34)
ratDVD 0.78.1444 (Version: 0.78.1444)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek AC'97 Audio
Realtek Ethernet Controller Driver (Version: 7.53.216.2012)
RealUpgrade 1.1 (Version: 1.1.0)
SecurDisc Viewer (Version: 1.4.4)
SlimDrivers (Version: 2.2.27236)
Smart Defrag 2 (Version: 2.7)
Suite Shared Configuration CS4 (Version: 1.0)
TmNationsForever
Toolbar Cleaner 1.0
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Uniblue DriverScanner (Version: 4.0.9.10)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
UseNeXT by Tangysoft
VCRedistSetup (Version: 1.0.0)
VIA Plattform-Geräte-Manager (Version: 1.34)
Virtual DJ Home Edition - Atomix Productions
VLC media player 1.0.5 (Version: 1.0.5)
Web Assistant 2.0.0.440
WinRAR
XMedia Recode 2.1.8.4 (Version: 2.1.8.4)

==================== Restore Points  =========================

27-04-2013 16:06:45 Windows Update
04-05-2013 07:43:43 Windows Update
11-05-2013 13:45:11 Windows Update
19-05-2013 21:30:44 Windows Update
25-05-2013 15:35:44 Windows Update
26-05-2013 20:47:49 Windows Update
12-06-2013 17:05:38 Windows Update
13-06-2013 21:55:51 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {02AD58B4-531F-43C9-9757-16E4C435FFD1} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {02BD5AFF-ABEC-427A-829B-BCA3816DC610} - \TuneUpUtilities_Task_BkGndMaintenance2013 No File
Task: {0AAF85F5-B5BB-462D-8501-A38C26EEE255} - \Scheduled Update for Ask Toolbar No File
Task: {12994921-533E-4F42-B735-BEB00BA3F389} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {15C63682-2A6D-4D98-A1E9-1B82D2FACF44} - \GoogleUpdateTaskUserS-1-5-21-1253650660-3201171741-2812089110-1000Core No File
Task: {1B01D4F4-0B89-4B2D-8832-3EA940914387} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {30D88BD1-5BE6-48AA-971C-AE798C106729} - \{F39415D0-A1B3-48AA-AAFA-7143FD609CF0} No File
Task: {38FBC7B3-6041-4D7C-97FE-17BBE2A8C097} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {4D9AE8D7-3DB3-42AD-867C-52A1B6EB484B} - \{926856D8-19B6-4100-9DD6-777D84553F49} No File
Task: {54672D29-A57A-4A4A-9C8E-4C5FF0F12FC8} - \Java Update Scheduler No File
Task: {635BD5B7-2A96-4B3F-8656-5DCE27C2868E} - \ASC6_PerformanceMonitor No File
Task: {655CD9E8-EE4C-45EF-83B8-E8D088845ACD} - \RealUpgradeLogonTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {6A2A3D6E-FFA4-4053-8D73-7D86FD2BB495} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {6B3DF18F-CE6E-4140-9120-9ED62BBA3491} - \DriverScanner No File
Task: {762604D0-5BB1-4587-8BAF-8F8397388D5B} - \AutoKMS No File
Task: {8125A687-CE70-448B-9A16-1D7C5649C6AF} - \Norton Security Scan for *** No File
Task: {86D9D168-A293-4EF1-91E7-70A1F51AF31C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {86EDCCA5-DD21-4BCA-8E77-B82B33F7D308} - \{9F555EE9-A4A4-4138-A1F7-76F6836D7DD2} No File
Task: {886BBCF3-CA18-4947-BCA3-D90F7AD94A95} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {A5D57494-3A06-4277-B432-F97E435DE844} - \Adobe Flash Player Updater No File
Task: {AD247B26-676F-43FE-A776-BEBCB6E25882} - \Real Player-Online-Aktualisierungsprogramm No File
Task: {C2FB05A7-EB3C-4D24-8D7B-9730F7CC5E43} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {C8E17711-8811-4D6E-87F5-D6AE431A6422} - \SmartDefrag_Startup No File
Task: {DCB2F0B1-FD9C-4C3C-806E-C4E745E65553} - \Google Updater and Installer No File
Task: {E0E99DF4-038F-410C-A34D-67D81AE4E0F3} - \GoogleUpdateTaskUserS-1-5-21-1253650660-3201171741-2812089110-1000UA No File
Task: {E49803A3-792A-4B37-876F-03C52DAFD342} - \RealUpgradeScheduledTaskS-1-5-21-1253650660-3201171741-2812089110-1000 No File
Task: {E8164C0D-216C-4B6B-9EB8-31BF958B8014} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [2009-06-10] ()
Task: {EAB14169-704E-4C26-BD85-DEBAEF7FF3A1} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1253650660-3201171741-2812089110-1000 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {F6DF3D85-496F-45A2-90EF-7CCB1CE3AF25} - \SmartDefragUpdate No File

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2013 08:44:38 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2013 08:36:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: recordingmanager.exe, Version: 1.3.0.208, Zeitstempel: 0x50b836fe
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c380b
ID des fehlerhaften Prozesses: 0x448
Startzeit der fehlerhaften Anwendung: 0xrecordingmanager.exe0
Pfad der fehlerhaften Anwendung: recordingmanager.exe1
Pfad des fehlerhaften Moduls: recordingmanager.exe2
Berichtskennung: recordingmanager.exe3

Error: (05/28/2013 08:35:22 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2013 08:35:22 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/25/2013 06:28:59 PM) (Source: IMFservice) (User: )
Description: Das Handle ist ungültig

Error: (05/25/2013 06:28:59 PM) (Source: IMFservice) (User: )
Description: Das Handle ist ungültig

Error: (05/20/2013 00:19:11 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067abd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x844
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3

Error: (05/11/2013 04:38:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067abd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x838
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3

Error: (04/30/2013 06:55:21 PM) (Source: IMFservice) (User: )
Description: Das Handle ist ungültig

Error: (04/30/2013 00:31:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/18/2013 00:24:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/16/2013 10:57:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147024877

Error: (06/16/2013 07:43:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/14/2013 00:05:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%6701

Error: (06/14/2013 00:05:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (06/12/2013 06:19:50 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (05/28/2013 08:25:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/28/2013 08:03:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/26/2013 10:41:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Panda Cloud Antivirus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2013 06:28:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WerSvc" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1352

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (06/16/2013 08:44:38 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe

Error: (05/28/2013 08:36:02 PM) (Source: Application Error)(User: )
Description: recordingmanager.exe1.3.0.20850b836fentdll.dll6.1.7601.177254ec49b60c0000374000c380b44801ce5bd1ffb81670C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exeC:\Windows\SYSTEM32\ntdll.dll721f988a-c7c5-11e2-8c64-0019db4c0772

Error: (05/28/2013 08:35:22 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (05/28/2013 08:35:22 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (05/25/2013 06:28:59 PM) (Source: IMFservice)(User: )
Description: Das Handle ist ungültig

Error: (05/25/2013 06:28:59 PM) (Source: IMFservice)(User: )
Description: Das Handle ist ungültig

Error: (05/20/2013 00:19:11 AM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService32.exe13.0.3020.251067abdunknown0.0.0.000000000c00000050000000084401ce54d590225e16C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exeunknown2159aa55-c0d2-11e2-862c-0019db4c0772

Error: (05/11/2013 04:38:08 PM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService32.exe13.0.3020.251067abdunknown0.0.0.000000000c00000050000000083801ce4e4cde1e3e7dC:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exeunknown650d5c59-ba48-11e2-9760-0019db4c0772

Error: (04/30/2013 06:55:21 PM) (Source: IMFservice)(User: )
Description: Das Handle ist ungültig

Error: (04/30/2013 00:31:49 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings64.exe


==================== Memory info =========================== 

Percentage of memory in use: 87%
Total physical RAM: 1022.55 MB
Available physical RAM: 123.73 MB
Total Pagefile: 2046.55 MB
Available Pagefile: 813.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.28 GB) (Free:386.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (Volume) (Fixed) (Total:244.14 GB) (Free:244.05 GB) NTFS
Drive g: (Volume) (Fixed) (Total:199.09 GB) (Free:180.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: BD40BD40)
Partition 1: (Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=199 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 18.06.2013, 07:03

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Trojaner, Windows 7 x64, OTL-Logs im Anhang

Log-Analyse und Auswertung: Trojaner, Windows 7 x64, OTL-Logs im Anhang